Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Include upcoming default values for the session timeouts in the deprecation log. #106673

Merged
merged 1 commit into from
Jul 26, 2021
Merged

Include upcoming default values for the session timeouts in the deprecation log. #106673

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 52 additions & 2 deletions x-pack/plugins/security/server/config_deprecations.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,13 +29,47 @@ const applyConfigDeprecations = (settings: Record<string, any> = {}) => {
};

describe('Config Deprecations', () => {
it('does not report deprecations for default configuration', () => {
const defaultConfig = { xpack: { security: {} } };
it('does not report any deprecations if session timeouts are specified', () => {
const defaultConfig = { xpack: { security: { session: { idleTimeout: 123, lifespan: 345 } } } };
const { messages, migrated } = applyConfigDeprecations(cloneDeep(defaultConfig));
expect(migrated).toEqual(defaultConfig);
expect(messages).toHaveLength(0);
});

it('reports that session idleTimeout and lifespan will have default values if none of them is specified', () => {
const defaultConfig = { xpack: { security: {} } };
const { messages, migrated } = applyConfigDeprecations(cloneDeep(defaultConfig));
expect(migrated).toEqual(defaultConfig);
expect(messages).toMatchInlineSnapshot(`
Array [
"Session idle timeout (\\"xpack.security.session.idleTimeout\\") will be set to 1 hour by default in the next major version (8.0).",
"Session lifespan (\\"xpack.security.session.lifespan\\") will be set to 30 days by default in the next major version (8.0).",
]
`);
});

it('reports that session idleTimeout will have a default value if it is not specified', () => {
const defaultConfig = { xpack: { security: { session: { lifespan: 345 } } } };
const { messages, migrated } = applyConfigDeprecations(cloneDeep(defaultConfig));
expect(migrated).toEqual(defaultConfig);
expect(messages).toMatchInlineSnapshot(`
Array [
"Session idle timeout (\\"xpack.security.session.idleTimeout\\") will be set to 1 hour by default in the next major version (8.0).",
]
`);
});

it('reports that session lifespan will have a default value if it is not specified', () => {
const defaultConfig = { xpack: { security: { session: { idleTimeout: 123 } } } };
const { messages, migrated } = applyConfigDeprecations(cloneDeep(defaultConfig));
expect(migrated).toEqual(defaultConfig);
expect(messages).toMatchInlineSnapshot(`
Array [
"Session lifespan (\\"xpack.security.session.lifespan\\") will be set to 30 days by default in the next major version (8.0).",
]
`);
});

it('renames sessionTimeout to session.idleTimeout', () => {
const config = {
xpack: {
Expand All @@ -50,6 +84,7 @@ describe('Config Deprecations', () => {
expect(messages).toMatchInlineSnapshot(`
Array [
"\\"xpack.security.sessionTimeout\\" is deprecated and has been replaced by \\"xpack.security.session.idleTimeout\\"",
"Session lifespan (\\"xpack.security.session.lifespan\\") will be set to 30 days by default in the next major version (8.0).",
]
`);
});
Expand All @@ -58,6 +93,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
appender: {
kind: 'console',
Expand All @@ -80,6 +116,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
appender: {
layout: { kind: 'pattern' },
Expand All @@ -102,6 +139,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
appender: {
policy: { kind: 'time-interval' },
Expand All @@ -124,6 +162,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
appender: {
strategy: { kind: 'numeric' },
Expand All @@ -146,6 +185,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
appender: {
type: 'file',
Expand All @@ -169,6 +209,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
enabled: true,
},
Expand All @@ -188,6 +229,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
enabled: true,
appender: {
Expand All @@ -207,6 +249,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
audit: {
enabled: true,
appender: {
Expand All @@ -231,6 +274,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
authorization: {
legacyFallback: {
enabled: true,
Expand All @@ -251,6 +295,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
authc: {
saml: {
maxRedirectURLSize: 123,
Expand All @@ -271,6 +316,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
authc: {
providers: {
saml: {
Expand All @@ -295,6 +341,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
authc: {
providers: ['basic', 'saml'],
},
Expand All @@ -314,6 +361,7 @@ describe('Config Deprecations', () => {
const config = {
xpack: {
security: {
session: { idleTimeout: 123, lifespan: 345 },
authc: {
providers: ['basic', 'token'],
},
Expand All @@ -335,6 +383,7 @@ describe('Config Deprecations', () => {
xpack: {
security: {
enabled: false,
session: { idleTimeout: 123, lifespan: 345 },
},
},
};
Expand All @@ -352,6 +401,7 @@ describe('Config Deprecations', () => {
xpack: {
security: {
enabled: true,
session: { idleTimeout: 123, lifespan: 345 },
},
},
};
Expand Down
32 changes: 32 additions & 0 deletions x-pack/plugins/security/server/config_deprecations.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,4 +110,36 @@ export const securityConfigDeprecationProvider: ConfigDeprecationProvider = ({
});
}
},
// Default values for session expiration timeouts.
(settings, fromPath, addDeprecation) => {
if (settings?.xpack?.security?.session?.idleTimeout === undefined) {
addDeprecation({
message:
'Session idle timeout ("xpack.security.session.idleTimeout") will be set to 1 hour by default in the next major version (8.0).',
documentationUrl:
'https://www.elastic.co/guide/en/kibana/current/xpack-security-session-management.html#session-idle-timeout',
correctiveActions: {
manualSteps: [
`Use "xpack.security.session.idleTimeout" in your Kibana configuration to change default session idle timeout.`,
`To disable session idle timeout, set "xpack.security.session.idleTimeout" to 0.`,
],
},
});
}

if (settings?.xpack?.security?.session?.lifespan === undefined) {
addDeprecation({
message:
'Session lifespan ("xpack.security.session.lifespan") will be set to 30 days by default in the next major version (8.0).',
documentationUrl:
'https://www.elastic.co/guide/en/kibana/current/xpack-security-session-management.html#session-lifespan',
correctiveActions: {
manualSteps: [
`Use "xpack.security.session.lifespan" in your Kibana configuration to change default session lifespan.`,
`To disable session lifespan, set "xpack.security.session.lifespan" to 0.`,
],
},
});
}
},
];